← Retour aux CVEs
CVE-2026-28269
MEDIUM5.9
Description
Kiteworks is a private data network (PDN). Prior to version 9.2.0, avulnerability in Kiteworks command execution functionality allows authenticated users to redirect command output to arbitrary file locations. This could be exploited to overwrite critical system files and gain elevated access. Version 9.2.0 contains a patch.
Details CVE
Score CVSS v3.15.9
SeveriteMEDIUM
Vecteur CVSSCVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N
Vecteur d'attaqueNETWORK
ComplexiteHIGH
Privileges requisHIGH
Interaction utilisateurNONE
Publie2/26/2026
Derniere modification3/3/2026
Sourcenvd
Observations honeypot0
Produits affectes
accellion:kiteworks
Faiblesses (CWE)
CWE-78
References
https://github.com/kiteworks/security-advisories/security/advisories/GHSA-6j64-6fpp-9453(security-advisories@github.com)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.